[Zope-dev] Object permission?

[Ng Pheng Siong]

Hello,

Me again. 

I'm designing an S/MIME product which will allow Zope to generate
S/MIME-signed/encrypted mail via a "<dtml-smime>" tag.

As designed, <dtml-smime> expects, as a parameter, an Smime object 
created previously. This is similar to <dtml-sendmail>'s use of an
existing MailHost object.

Associated with each said Smime object is a signer's private key and 
a bunch of recipient certificates. These are text files uploaded by
the creator of the Smime object.

The signer key and recipient certificates should not be "readable"
via browser by unauthorised users, for obvious reasons. However, 
the <dtml-smime> machinery, operating under whatever Zope user id
is invoking it, should be able to "read" them, in order to do its 
S/MIME business.

First questions: 

-   What permissions do I give to the uploaded key and certificates 
objects? 

-   What is the difference between "access contents information" and 
"view"? 

-   How do I assign permissions programmatically?


TIA. Cheers.

-- 
Ng Pheng Siong <ngps@post1.com> * http://www.post1.com/home/ngps